NCP is installed through the Tanzu Application Service (TAS) Ops Manager graphical user interface.

Prerequisites

  • A fresh installation of Ops Manager, NSX, and TAS. Make sure that Ops Manager is installed first, then NSX, and then TAS. For more information, see the Tanzu Application Service documentation.
  • If you are running TAS 2.13, you must download the Jammy stemcell.

Procedure

  1. Download the NCP installation file for TAS.
    The file name is VMware-NSX-T.<version>.<build>.pivotal.
  2. Log in to Ops Manager as an administrator.
  3. Click Import a Product.
  4. Select the file that was downloaded.
  5. Click the Ops Manager Director for VMware vSphere tile.
  6. In the Settings tab for vCenter Config, select NSX Networking and for NSX Mode, select NSX-T.
  7. In the NSX CA Cert field, provide the certificate in PEM format.
  8. Click Save.
  9. Click Installation Dashboard in the upper left corner to return to the dashboard.
  10. Click the Tanzu Application Service tile.
  11. In the Settings tab, select Networking in the navigation pane.
  12. Under Container Network Interface Plugin, select External.
  13. Click Installation Dashboard in the upper left corner to return to the dashboard.
  14. Click Save.
  15. Click Installation Dashboard in the upper left corner to return to the dashboard.
  16. Click the VMware NSX-T tile.
  17. Enter the address of the NSX Manager.
  18. Select the method for NSX Manager authentication.
    Option Action
    Client Certificate Authentication Provide the certificate and private key for NSX Manager.
    Basic Authentication with Username and Password Provide the NSX Manager administrator user name and password.
  19. In the NSX Manager CA Cert field, provide the certificate.
  20. Click Save.
  21. Select NCP in the navigation pane.
  22. Enter the TAS Foundation Name.
    This string uniquely identifies a TAS foundation in NSX API. This string is also used as the prefix in the names of NSX resources created by NCP for the TAS foundation.
  23. Enter the Overlay Transport Zone.
  24. Enter the Tier-0 Router.
  25. Specify one or more IP Blocks of Container Networks.
    1. Click Add.
    2. Enter IP Block Name. It can be a new or existing IP block.
    3. For a new IP block only, specify the block in CIDR format, for example, 10.1.0.0/16.
  26. Specify the subnet prefix of the container networks.
  27. Click Enable SNAT for Container Networks to enable SNAT.
  28. Specify one or more IP Pools used to provide External (NAT) IP Address to Org Networks.
    1. Click Add.
    2. Enter IP Pool Name. It can be a new or existing IP pool.
    3. For a new IP pool only, specify the IP addresses by providing the CIDR and the IP ranges.
  29. (Optional) Enter the Top Firewall Section Marker.
  30. (Optional) Enter the Bottom Firewall Section Marker.
  31. (Optional) Enable or disable the following options.
    Option Default Value
    Log Dropped Application Traffic Disabled. If enabled, traffic that is dropped due to a firewall rule will be logged.
    Enable Debug Level for NCP Logging Enabled.
  32. Click Save.
  33. (Optional) Select NSX Node Agent in the navigation pane.
    1. Check Enable Debug Level of Logging for NSX Node Agent to enable debug level logging.
    2. Click Save.
  34. Click Installation Dashboard in the upper left corner to return to the dashboard.
  35. Click Apply Changes.